Spamzy

New York security researcher Joe Klein of Command Information told people attending the the annual HOPE (Hackers on Planet Earth) conference that weak, or nonexistent, implementations in security software can leave otherwise-secure systems so open that in some cases, “it’s as if there’s no firewall running at all”.

The internet is s full of computers surreptitiously running IPv6, “unbeknownst to their owners,” he said, according to Daily Tech, which goes on:

Compounding the problem is the number of operating systems shipped with IPv6 enabled by default, which includes Windows Vista, Linux’s 2.6 kernel, Sun’s Solaris, Mac OS X, and a variety of cell phones operating systems, including Windows Mobile 5 and 6.

Computers with a lackluster IPv6 setup – even if they have a strong IPv4 firewall or Intrusion Detection System (IDS) in place – are just as naked in IPv6 space as they would be in IPv4-space without a firewall, with any program that listens for connections allowed to accept them. Most operating systems, by default, use a handful of “listeners” used for networking and internal processes – and it is these listeners that are frequently the first to be targeted in an attack.

Network administrators who don’t keep tabs of their systems face a huge risk, said Klein in the story.

“Essentially, we have systems that are wide open to a network,” it has him saying. “It’s like having wireless on your network without knowing it.”

Adds Daily Tech:

Security researchers have for some time found hackers exploiting IPv6. A 2002 post from Lance Spitzer of the Honeynet project observed a hacker that broke in to a Solaris-based honeypot through normal means, enabled IPv6 connectivity in the OS, and then set up a tunnel out of the network that went into another country. The break-in was only discovered due to network packet-sniffing, and even then Spitzer says he was unable to decode the data being sent out.

One of the biggest threats is the variety of backwards-compatibility schemes designed to tunnel IPv6 traffic through an IPv4 system, like Teredo or the 6to4 system: the very act of tunneling often circumvents firewalls by nature.

“Teredo/ISATAP is currently and will continue to be a major red flag for networks that have both IP versions enabled, because tunneling confuses the heck out of a lot of firewalls and IDS deployments,” said an unnamed DoD security specialist,” the story quotes Wired’s Threat Level as saying.

. .

See more here:
Naked in IPv6 space

‘Your friend has paid us to kill you…’

You know how it is - things are a bit quiet in the internet cafes of Lagos, people have sussed MARIAM ABACHA doesn’t really have $30,000,000 (THIRTY MILLION DOLLARS) in gold bullion looted from Saddam Hussein’s personal vault, and so it looks like it’s time to up the email scam ante.…

Credit:
419ers crank up the menaces

It is not uncommon to open an email and have it appear like gibberish. These seemingly random characters are spam messages. Why are so many written like this?

Read more:
Why Are a Lot of Spam Messages Written Like Gibberish?

Spam is one of the most irritating aspects of the internet. Everyone has opened their email boxes and found numerous spam emails at one time or another. Where do spammers get your email address in the first place?

Read more from the original source:
Where Do Spammers Get My Email Address?

AntiVirusPro is another misleading corrupt anti-spyware tool, known for professional money-milking. It is a counterfeit program that tries to steal your money by showing you exaggerated error reports and asking you to buy its “full” version. DO NOT trust these scammers, and remove AntiVirusPro immediately if you have encountered this threat in your system.

Read the original here:
AntiVirusPro

Internet Security Deluxe is a rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. These trojans typically lurk in porn/warez websites, disguised as video codecs. Internet Security Deluxe relies on misleading advertising (popups, fake system notifications) and falsified system scan reports to convince the user he is infected, and therefore in need of an anti-spyware program.

Internet Security Deluxe is a scam and should be treated as such: do NOT download or buy it and block internetsecuritydeluxe.com using your HOSTS file.

View original here:
Internet Security Deluxe

Should businesspeople and other travelers heading to Beijing for the Olympics be warned about dangers posed by Chinese computer hackers?

That’s what’s worrying US government officials and security consultants, says the Wall Street Journal.

US intelligence agencies fear the potential threat to US laptops and cellphones, “But others, including the State and Commerce departments and some companies, are trying to quiet the issue for fear of offending the Chinese, these people say,” says the story, going on:

“Barack Obama became the first major presidential candidate to propose new cybersecurity policies Wednesday when he unveiled his cybersecurity strategy, which includes combating corporate espionage, shielding the country’s Internet infrastructure and establishing a national cybersecurity adviser.”

The Department of Homeland Security, “issued a warning last month to certain government and private-sector officials stating that business and government travelers’ electronic devices are often targeted by foreign governments,” says the WSJ.

But, “The warning wasn’t available to the public.”

Spy tactics include copying information contained in laptop computers at airport checkpoints or hotel rooms, wirelessly inserting spyware on BlackBerry devices, and “slurping,” using Bluetooth technology to steal data from electronic devices.

Adds the story:

“In addition to cybersecurity threats in other countries, ’so many people are going to the Olympics and are going to get electronically undressed,’ said Joel Brenner, the government’s top counterintelligence officer. He tells of one computer-security expert who powered up a new Treo hand-held computer when his plane landed in China. By the time he got to his hotel, a handful of software programs had been wirelessly inserted.”

. .

Read more from the original source:
Beijing Olympics ?cyberspy? fears

There are no doubts about how dangerous this parasite is. The Infector Trojan is always a tool of the great destruction in the hands of the hacker. After sneaking into the machine, this pest performs a set of actions, which always result in different problems. The main problem is that the anonymous hacker is able to control the infected system remotely; he or she can steal various pieces of important data (passwords, e-mail messages, etc.) or install other malicious programs.

Original post:
Infector Trojan

One minute behind bars for every junk mail

A New Yorker was jailed for 30 months on Tuesday after being convicted for spamming 1.2 million AOL members with junk mail.…

Read more from the original source:
AOL spammer jailed for 30 months

AVMaster is a new rogue anti-spyware program. It’s essentially a fake spyware remover, which uses trojans, such as Zlob or Vundo, to enter the system. These trojans typically lurk in porn/warez websites, disguised as video codecs.

AVMaster floods the user with popups and fake system notifications, supposedly to “inform” him of an infection or multiple infections present on the system. AVMaster neither has the ability to detect spyware nor dispose of it, therefore this information, while it may be true by coincidence, is not to be taken seriously. This is just a method AVMaster uses to trick the user into purchasing it’s “licensed version”.

AVMaster is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

Read more from the original source:
AVMaster